Message Attachments

Retrieving media

Media in direct messages must be retrieved via an authenticated app-user GET request. It is advised that applications store user's access tokens to use for direct message media retrieval.

For media in direct messages, media_url is the same https URL as media_url_https and must be accessed by signing a request with the user’s access token using OAuth 1.0A.

You can no longer access media via an authenticated www.twitter.com session. We cannot prescribe how you should update your integration if you are affected by this change. However, here is one implementation path to address this that we endorse:

Make sure you’re storing a user’s Twitter access token, if you’re not already

Set up an endpoint to make OAuth requests to Twitter to retrieve DM images on behalf of the user using the user’s Twitter access token:

The endpoint should be a GET endpoint

The endpoint must be authenticated

The endpoint must deny all cross-origin requests

The endpoint must only be used for making requests to retrieve DM images, and must deny requests to other Twitter APIs

By using Twitter’s services you agree to our Cookies Use. We use cookies for purposes including analytics, personalisation, and ads.

This page and certain other Twitter sites place and read third party cookies on your browser that are used for non-essential purposes including targeting of ads. Through these cookies, Google and Demandbase collect personal data about you for their own purposes. Learn more.